AWS, Cloud Computing

6 Mins Read

Monitor Performance and Availability of AWS-Hosted Apps using Amazon CloudWatch Internet Monitor


Amazon CloudWatch Internet Monitor, a new internet monitoring solution from AWS. Your workload footprint on AWS is taken into account when Internet Monitoring provides you with continuous observability of internet measurements like availability and performance. Delivering a standard-setting experience for your AWS apps can be facilitated by providing yourself with a reliable approach to monitor crucial insights.

Using Internet Monitor, you may learn more about issues (events) by location and internet service provider as well as average internet performance indicators over time (ISP). You can quickly determine which activities are affecting how users interact with apps hosted by Amazon CloudFront, Amazon WorkSpaces directories, or directly in Amazon Virtual Private Clouds by using Internet Monitor (VPCs).

By bridging the internet’s network path between your users and your application, Internet Monitor completes the CloudWatch stack:

  • User experience – CloudWatch Real User Monitoring (RUM) and CloudWatch Synthetics
  • Internet health – Internet Monitor
  • Application stack health – AWS X-Ray and CloudWatch ServiceLens
  • Resource health – CloudWatch Logs and CloudWatch Metrics

Internet Monitor components

Let’s define a few fundamental terms and concepts before we demonstrate how Internet Monitor functions.

  • Monitor: It is the container for your configuration that defines all the resources to monitor.
  • Health event: A health event is started by Internet Monitor when it notices a severe performance degradation in your traffic. Information on the impacted client locations and network providers is provided for each health event (ISPs).
  • Performance and availability scores (health scores): An estimation based on statistics of the proportion of traffic to your application not affected by a decline in performance or availability. These results are readily available as metrics in CloudWatch.
  • CloudWatch Logs: For locations and network providers specific to your clients, Internet Monitor publishes measurements to CloudWatch Logs that include performance and availability scores, bytes transferred, and round-trip time (RTT)

  • Cloud Migration
  • Devops
  • AIML & IoT
Know More

Working of Internet Monitor

Internet Monitor makes use of information that AWS is already gathering from the various AWS Regions and edge locations as well as the networks your customers use to access the application endpoints. Internally, AWS uses this connectivity data to proactively identify internet connectivity issues and then take action to enhance customer experiences.

We are aware of which parts of the internet connect to each AWS Region so that we can keep an eye on them. We employ both incoming and outgoing networks and higher-level protocol probes. We compute health scores using those performance and availability measures as a baseline to alert you when there are severe issues for your end customers in various geographic areas. The traffic profile that Internet Monitor generates when you create a monitor, depending on your resources, describes user locations and the proportion of traffic going to each one. The AWS baseline performance profile is then superimposed over your traffic profile, from which we get the performance and availability scores that depict anticipated deviations from the baseline.

Alerting on health events

You have several options for receiving alerts regarding Internet Monitor health events after creating a monitor. Your decision may be influenced by factors including your filtering needs, the types of historical information, and the actions you want to do when the alert goes off. Health event alert options include:

  • CloudWatch Alarms, based on the performance and availability parameters for Internet Monitor events
  • CloudWatch Alarms, according to a measure produced by a metric filter in CloudWatch Logs
  • Amazon EventBridge rules, to filter the health events generated by Internet Monitor

When you require extra metrics to measure user experience metrics in your application dashboard at a more detailed level, a CloudWatch Alarm can be helpful. If you require warnings when your users encounter impacts that don’t cause Internet Monitor to create a health event, you may also decide to use alarms.

You can develop event-driven automatic reactions for events produced by Internet Monitor using EventBridge.


For the following sections, we assume that you are familiar with fundamental AWS networking services, such as VPCs, CloudWatch Logs, and CloudWatch EventBridge. We will not define each service, but rather detail the procedures necessary to use them using Internet Monitor. The related user manuals include thorough information on AWS resources.

Step-By-Step Guide to create Internet Monitor setup

Step 1: In CloudWatch Internet Monitor, create a monitor.

  • To create a monitor, navigate to the Internet Monitor page in the CloudWatch dashboard and choose Create monitor.


Step 2: Enter a name for your monitor, and then choose Add resources.


Step 3: In our example, we’ll add a VPC, because we have an EC2-hosted web application.


Step 4: On the resources page, select the VPC, and then choose Add. Choose Next.


Step 5: Review the configuration, and then choose Create monitor. The monitor takes a few minutes to become active.


Step 6: Alerts configuration

  • We’ll utilize Amazon EventBridge for alerting. Go to Amazon EventBridge in the AWS Management Console. Pick to create an EventBridge rule.


  • Enter a relevant name and description. Use the Default event bus for the rule.


  • For the event source, select Other.


  • Skip the sample event configuration, and then, for the Creation method, choose Custom pattern.


  • We will enter the following JSON code, for example:



Step 7: Next, we’ll configure two targets for our events: a new Amazon Simple Notification Service (SNS) topic and a CloudWatch log group for our logs over time, and for reporting purposes.


  • Create an Amazon Simple Notification Service (SNS) topic


  • CloudWatch log group


Step 8: Configure two targets for our events: a new Amazon Simple Notification Service (SNS) topic and a CloudWatch log group



  • When there’s an Internet Monitor health event that matches our rules, we’ll receive the event in our SNS queue and the CloudWatch log group.


Monitoring Amazon VPC resources

A critical metric for customers using VPC is round-trip time (RTT). When RTT is greater than 100ms, it impacts the end user’s performance experience. For our use case, we will create a custom metric to see the RTT for only Indian end users.

The steps for this are the following for custom metric to visualize:

Filter Internet Monitor event logs based on client location.      In the CloudWatch Logs console, you can see the Internet Monitor log data in JSON format in the namespace /aws/internet-monitor/your-monitor-name/byCountry.


In this example, with our Indian customers, country level granularity is most useful. Individual measurement events are included inside the log streams. Each event contains geographical and network information for client locations, traffic statistics, availability scores, and performance scores.

To filter the Internet Monitor logs, we will use the clientLocation.countryCode field with the following setting.     {$.clientLocation.countryCode=India || $.clientLocation.countryCode=IN}.

This allows us to visualize the log events for client locations in India.



A new service that gives visibility into the performance of your internet-facing apps by leveraging connection data captured by AWS from its worldwide networking footprint. Internet Monitor enables you to make more educated decisions by utilizing elements that affect the end-user experience that you would not otherwise be aware of, allowing you to optimize your workload deployment strategy.

Get your new hires billable within 1-60 days. Experience our Capability Development Framework today.

  • Cloud Training
  • Customized Training
  • Experiential Learning
Read More

About CloudThat

CloudThat is also the official AWS (Amazon Web Services) Advanced Consulting Partner and Training partner and Microsoft gold partner, helping people develop knowledge of the cloud and help their businesses aim for higher goals using best in industry cloud computing practices and expertise. We are on a mission to build a robust cloud computing ecosystem by disseminating knowledge on technological intricacies within the cloud space. Our blogs, webinars, case studies, and white papers enable all the stakeholders in the cloud computing sphere.

Drop a query if you have any questions regarding Amazon CloudWatch and I will get back to you quickly.

To get started, go through our Consultancy page and Managed Services Package that is CloudThat’s offerings.


1. Is it possible to set up Health notifications on an internet monitor?

ANS: – Yes, Internet Monitor transmits health events to Amazon EventBridge, allowing you to configure notifications. Internet Monitor checks your application’s internet connectivity through Amazon Virtual Private Clouds (VPCs), Amazon CloudFront distributions, and Amazon Workspaces directories.

2. How does Amazon CloudWatch Internet monitor measure connectivity issues?

ANS: – Amazon CloudWatch Internet Monitor collects internet connection data from various AWS Regions and CloudFront points of presence (POPs) in various regions via network providers or Autonomous System Numbers (ASNs), often internet service providers (ISPs). This connectivity data is utilized daily by AWS operators to proactively discover connection issues throughout the worldwide internet.

3. How does Amazon CloudWatch Internet Monitor resolve health events?

ANS: – Internet Monitor generates and resolves health events in a monitor depending on the overall impact that connectivity issues have on a customer’s application. Internet Monitor assesses the impact of connection difficulties on a client location using historical data about internet performance and availability for network traffic provided by AWS. It applies relevant information based on the geographic locations of network providers and services applicable to the customer’s application, as defined by the resources you added to the monitor. Then, Internet Monitor employs statistical analysis to discover when performance and availability have deteriorated, resulting in a negative impact on the client.

WRITTEN BY Nishant Ranjan

Nishant Ranjan is a Sr. Research Associate (Migration, Infra, and Security) at CloudThat. He completed his Bachelor of Engineering degree in Computer Science and completed various certifications in multi-cloud such as AWS, Azure, and GCP. His area of interest lies in Cloud Architecture and Security, Application Security, Application Migration, CICD, and Disaster Recovery. Besides professional interests, he likes learning the latest technologies and tools, reading books, and traveling.



    Click to Comment

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!